From: Markus Wichmann <nullplan@gmx.net>
To: musl@lists.openwall.com
Subject: Re: sem_wait and EINTR
Date: Thu, 6 Dec 2018 16:57:56 +0100 [thread overview]
Message-ID: <20181206155756.GB32233@voyager> (raw)
In-Reply-To: <20181206031756.GZ23599@brightrain.aerifal.cx>
On Wed, Dec 05, 2018 at 10:17:56PM -0500, Rich Felker wrote:
> I'd like it if we could avoid the pre-linux-2.6.22 bug of spurious
> EINTR from SYS_futex, but I don't see any way to do so except possibly
> wrapping all signal handlers and implementing restart-vs-EINTR
> ourselves. So if we need to change this, it might just be a case where
> we say "well, sorry, your kernel is broken" if someone is using a
> broken kernel.
>
> Thoughts?
>
> Rich
I really don't know what you are getting at, here. In the hypothetical
case you detected an EINTR return without a signal having been handled,
you could just retry the syscall. The problem is getting that
information in the first place.
Practically, I see a lot of work for little gain. Wrapping all signal
handlers means we need to save up to _NSIG function pointers. Access to
those doesn't need serialization any more than sigaction() does. Though,
what does it mean if someone changes the signal handler while we are in
the wrapper?
Due to SA_SIGINFO we'd need two different wrappers. Or we just always
set SA_SIGINFO in the kernel. I don't know if that incurs a runtime cost
in the kernel, though. On the plus side, restorers would get simpler.
Does the "actual signal arrived" bit need to be thread local? And what
about race conditions? Well, OK, most races I can think of aren't
actually a problem. Any signal arrival between resetting the flag before
the syscall and checking it after the syscall would then count.
So, all in all we need between 64 and 128 additional machine words in
the data section, sigaction() becomes more complicated, all users of
__timedwait_cp() become more complicated (you do want to make this
behavior consistent, right?), signal handling becomes more complicated
over all, and all of that just so that sem_wait() can fail but not
under all circumstances.
Speaking of calls that shouldn't fail but do: Is futex_wake() affected
by the same bug?
Ciao,
Markus
next prev parent reply other threads:[~2018-12-06 15:57 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-05 19:16 Orivej Desh
2018-12-05 19:47 ` Markus Wichmann
2018-12-05 21:27 ` Ondřej Jirman
2018-12-05 21:58 ` Rich Felker
2018-12-06 2:43 ` Orivej Desh
2018-12-06 3:17 ` Rich Felker
2018-12-06 15:57 ` Markus Wichmann [this message]
2018-12-06 16:23 ` Rich Felker
2018-12-06 17:03 ` Markus Wichmann
2018-12-06 17:33 ` Markus Wichmann
2018-12-06 20:31 ` Orivej Desh
2018-12-09 2:51 ` Rich Felker
2018-12-09 6:50 ` Markus Wichmann
2018-12-12 0:32 ` Rich Felker
2018-12-12 5:15 ` Markus Wichmann
2018-12-14 19:45 ` Rich Felker
2018-12-15 9:45 ` Markus Wichmann
2018-12-05 22:03 ` Rich Felker
2018-12-06 2:43 ` Orivej Desh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181206155756.GB32233@voyager \
--to=nullplan@gmx.net \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).